Conventional wireless mobile communication systems typically include a wireless access point or base station that communicates with mobile user (subscriber) terminals or stations via a wireless communication link. The access point or base station is coupled to a radio access network controller, and together they form a radio access network. The radio access network is coupled to a core network that includes both a circuit-switched (CS) facility and a packet-switched (PS) facility. Interfaces provided between the radio access network controller and the core network respectively support circuit-switched traffic associated with the circuit-switched facility and packet-switched traffic associated with the packet-switched facility. In GSM systems, for example, the radio access network is referred to as GSM Edge Radio Access Network (GERAN), the radio access network controller is referred to as a Base Station Controller (BSC), the interface for circuit-switched traffic is referred to as the A-interface, the interface for packet-switched traffic is referred to as the Gb-interface, the circuit-switched facility is referred to as a Mobile Switching Center (MSC), and the packet-switched facility is referred to as a Serving General Packet Radio Services (GPRS) Support Node (SGSN).
Conventional radio access networks other than GERAN are capable of cooperation with the aforementioned MSC and SGSN via the aforementioned A- and Gb-interfaces. In some of these radio access networks, the access point uses unlicensed radio technologies such as WiFi or Bluetooth to communicate with mobile stations, and communicates with the radio access network controller via an IP (Internet Protocol) link over, for example, an xDSL connection. One example is the so-called UMA (Unlicensed Mobile Access) radio access network, wherein the radio access network controller is referred to as the UMA Network Controller (UNC). UMA has been adopted as a 3GPP standard referred to as the Generic Access Network (GAN), wherein the UNC is correspondingly referred to as the Generic Access Network Controller (GANC). The UNC/GANC also contains a security gateway, referred to as UNC-SGW/GANC-SEGW, to support IPsec (Internet Protocol Security) connections. The IPsec connections are terminated in the UNC-SGW/GANC-SEGW, and the other endpoint is the mobile station.
In 3G/UMTS systems, the radio access network is referred to as UMTS RAN or UTRAN. In UTRAN, the radio access network controller is referred to as the Radio Network Controller (RNC). The interface to the core network for circuit-switched traffic is referred to as the Iu-CS interface, and the interface to the core network for packet-switched traffic is referred to as the Iu-PS interface.
In systems that use IP communications between the mobile station and the radio access network controller, there is a security concern that the IP communications might be successfully infiltrated by unauthorized parties posing as legitimate subscribers, which could result in considerable mischief in the system.
In UMA/GAN, mobile identities are used in the following instances:
1. When the mobile station (MS) establishes the IPsec secure connection (IPsec tunnel) towards the security gateway UNC-SGW (GANC-SEGW), the UNC-SGW triggers authentication of the MS towards an AAA-server (Authentication, Authorization and Accounting server). The AAA-server then authenticates the MS using the IMSI (International Mobile Subscriber Identity) of the MS, as provided by the MS.
2. When the MS registers at the UNC, the MS provides its IMSI to the UNC.
3. When the MS communicates with the CS facility of the core network (e.g., MSC), the MS uses either its IMSI or its TMSI (Temporary Mobile Subscriber Identity) to identify itself.
4. When the MS communicates with the PS facility of the core network (e.g., SGSN), the MS uses either its IMSI or its P-TMSI (Packet Temporary Mobile Subscriber Identity) to identify itself.
In the interest of security, the UMA specifications recommend that the UNC-SGW and the UNC verify that the same IMSI is used in operations 1 and 2 above, and solutions that perform this verification have been proposed in U.S. Ser. No. 11/047,880, which is incorporated herein by reference.
Another known solution, described in PCT/IB2005/000103, which is incorporated herein by reference, enables the UNC to verify that the same IMSI is used in operations 2 and 3 above. More specifically, the UNC performs the desired verification by analyzing upper layer (Layer 3, Mobility Management (MM)) messages sent between the MS and the MSC. However, the required analysis of upper layer message traffic can be complicated and can consume substantial processing power, in part because this traffic is intended to be transparent to the UNC. Thus, the UNC must engage in “layer violation”, accessing information that is transmitted according to communication protocols that are not terminated at the UNC. Moreover, there are circumstances where the upper layer message traffic between the MS and the MSC does not include the IMSI information that is needed in order to perform the verification. For example, a Temporary Mobile Subscriber Identity (TMSI) may be used instead of the IMSI.
The operation designated at 4 above also gives rise to the possibility of unauthorized infiltration.
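As an added illustration (not from the patent text or any cited application), a Python model of the UNC-side consistency check across operations 1 to 4: the IMSI authenticated via the AAA-server in operation 1 is the reference, the registration IMSI and any CS/PS identity are compared against it, and a TMSI or P-TMSI is reported as unverifiable rather than silently passed. Tunnel identifiers, hook names and verdict strings are assumptions made for the example.

```python
from typing import Dict, Optional, Tuple

Identity = Tuple[str, str]   # (type, value); type is "IMSI", "TMSI" or "P-TMSI"

def judge(ident: Optional[Identity], ref_imsi: str) -> str:
    """Compare one identity with the IMSI authenticated in operation 1."""
    if ident is None:
        return "missing"             # the MS has not yet performed this operation
    id_type, value = ident
    if id_type != "IMSI":
        return "unverifiable"        # TMSI/P-TMSI carry no IMSI to compare against
    return "ok" if value == ref_imsi else "mismatch"

class UncIdentityVerifier:
    """Hypothetical (constructed) UNC-side correlation of the identities used in
    operations 1-4, keyed by the IPsec tunnel the MS established to the UNC-SGW."""
    def __init__(self) -> None:
        self.sessions: Dict[str, Dict[str, Optional[Identity]]] = {}

    def _session(self, tunnel_id: str) -> Dict[str, Optional[Identity]]:
        return self.sessions.setdefault(
            tunnel_id, {"ipsec": None, "registration": None, "cs": None, "ps": None})

    def on_ipsec_auth(self, tunnel_id: str, imsi: str) -> None:
        self._session(tunnel_id)["ipsec"] = ("IMSI", imsi)        # op 1, from AAA

    def on_register(self, tunnel_id: str, imsi: str) -> None:
        self._session(tunnel_id)["registration"] = ("IMSI", imsi)  # op 2

    def on_core_identity(self, tunnel_id: str, domain: str, ident: Identity) -> None:
        if domain not in ("cs", "ps"):
            raise ValueError(f"unknown core network domain {domain!r}")
        self._session(tunnel_id)[domain] = ident                   # op 3 or op 4

    def verify(self, tunnel_id: str) -> Dict[str, str]:
        """Per-operation verdicts and an overall decision. Only a full set of
        matching IMSIs yields 'accept'; any mismatch yields 'reject'."""
        s = self.sessions.get(tunnel_id)
        if s is None or s["ipsec"] is None:
            return {"overall": "reject"}           # no AAA-authenticated IMSI to check against
        ref = s["ipsec"][1]
        verdicts = {op: judge(s[op], ref) for op in ("registration", "cs", "ps")}
        if "mismatch" in verdicts.values():
            verdicts["overall"] = "reject"
        elif all(v == "ok" for v in verdicts.values()):
            verdicts["overall"] = "accept"
        else:
            verdicts["overall"] = "unverified"     # a TMSI/P-TMSI or a missing step
        return verdicts
```

The "unverified" outcome is the case the text describes where a TMSI is used instead of the IMSI: the check cannot be completed from the identity alone, so it is surfaced rather than treated as a pass.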
It is desirable in view of the foregoing to provide a more comprehensive solution to the problem of securing systems such as described above against infiltration by unauthorized parties.